Re: [PATCH v2] crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 4/29/24 12:47, Jarkko Sakkinen wrote:
On Mon Apr 29, 2024 at 7:13 PM EEST, Stefan Berger wrote:
Prevent ecc_digits_from_bytes from reading too many bytes from the input
byte array in case an insufficient number of bytes is provided to fill the
output digit array of ndigits. Therefore, initialize the most significant
digits with 0 to avoid trying to read too many bytes later on. Convert the
function into a regular function since it is getting too big for an inline
function.

If too many bytes are provided on the input byte array the extra bytes
are ignored since the input variable 'ndigits' limits the number of digits
that will be filled.

Fixes: d67c96fb97b5 ("crypto: ecdsa - Convert byte arrays with key coordinates to digits")
Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>

---

v2:
  - un-inline function
  - use memset
---
  crypto/ecc.c                  | 22 ++++++++++++++++++++++
  include/crypto/internal/ecc.h | 15 ++-------------
  2 files changed, 24 insertions(+), 13 deletions(-)

diff --git a/crypto/ecc.c b/crypto/ecc.c
index c1d2e884be1e..fe761256e335 100644
--- a/crypto/ecc.c
+++ b/crypto/ecc.c
@@ -68,6 +68,28 @@ const struct ecc_curve *ecc_get_curve(unsigned int curve_id)
  }
  EXPORT_SYMBOL(ecc_get_curve);

Just a minor nit:

For exported symbol you need to document the function,including
the parameters [1].

Like other functions, the ecc_digits_from_bytes also still/already has the documentation in the header file:

/**
* ecc_digits_from_bytes() - Create ndigits-sized digits array from byte array
 * @in:       Input byte array
 * @nbytes    Size of input byte array
 * @out       Output digits array
 * @ndigits:  Number of digits to create from byte array
 */
void ecc_digits_from_bytes(const u8 *in, unsigned int nbytes,
                           u64 *out, unsigned int ndigits);

 Should be ok?




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux